For today’s object lesson (and maybe abject lesson), I give you FIS Global and Guaranty Bank and Trust. I’ve written up the incident in more detail over on the Daily Dot, but the short version is a hacker (@1×0123) found a vulnerability in FIS Global’s client portal login and tweeted about it. FIS didn’t respond to him directly. Instead, they…
Category: Commentaries and Analyses
Computer Crash Wipes Out Years of Air Force Investigation Records
Marcus Weisgerber reports: The U.S. Air Force has lost records concerning 100,000 investigations into everything from workplace disputes to fraud. A database that hosts files from the Air Force’s inspector general and legislative liaison divisions became corrupted last month, destroying data created between 2004 and now, service officials said. Neither the Air Force nor Lockheed Martin, the defense…
Boards ready to fire over bad security reporting
Maria Korolov reports: If CISOs don’t do a good job of communicating, 59 percent of board members said that the security executives stand to lose their jobs, according to a new survey released today. “If they’re not up to par in the minds of the board, there will be action taken,” said Ryan Stolte, co-founder and…
Tennessee Breach-Notification Law Indicative of Data-Security Regulators’ Lack of Creativity
David Zetoony of Bryan Cave writes: There is no shortage of data-privacy and security laws in the United States. By our count there are now about 300 state and federal statutes. They include breach-notification laws, data-disposal laws, data-safeguard laws, payment card information-protection laws … the list goes on and on. Many of these laws, and…
A Computer Security Start-Up Turns the Tables on Hackers
Nicole Perlroth reports: Standing before a crowded room of entrepreneurs and investors at a conference in San Francisco last summer, former Vice President Al Gore described how climate change could be contained, possibly even reversed. Next to take the stage was Kevin Mandia, the founder of Mandiant, a security company acquired by another security company called FireEye,…
Privacy Concerns Arise over Annapolis, Md., Parking Website
Chase Cook reports: Annapolis resident Linda Farrell was excited to use the city’s new online residential parking website. But when she opened the online form, she noticed her web browser telling her the website wasn’t secure. This after asking for her address, vehicle license plate and driver’s license number — information she felt was personal….